internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-03-26 21:33:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8792635befe402f7ebb5f521bcdcd1e7fef9f1f9
community.crypto/tests/integration/targets/openssl_dhparam/tasks/impl.yml
Felix Fontein 8792635bef Fix some ansible-lint issues (#907) 
* Fix fqcn[action-core].

* Fix fqcn[action].

* Fix jinja[spacing].
2025-05-30 22:03:16 +02:00

124 lines
4.4 KiB
YAML
Raw Blame History

---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
# The tests for this module generate unsafe parameters for testing purposes;
# otherwise tests would be too slow. Use sizes of at least 2048 in production!
- name: "[{{ select_crypto_backend }}] Generate parameter (check mode)"
community.crypto.openssl_dhparam:
size: 768
path: '{{ remote_tmp_dir }}/dh768.pem'
select_crypto_backend: "{{ select_crypto_backend }}"
return_content: true
check_mode: true
register: dhparam_check
- name: "[{{ select_crypto_backend }}] Generate parameter"
community.crypto.openssl_dhparam:
size: 768
path: '{{ remote_tmp_dir }}/dh768.pem'
select_crypto_backend: "{{ select_crypto_backend }}"
return_content: true
register: dhparam
- name: "[{{ select_crypto_backend }}] Don't regenerate parameters with no change (check mode)"
community.crypto.openssl_dhparam:
size: 768
path: '{{ remote_tmp_dir }}/dh768.pem'
select_crypto_backend: "{{ select_crypto_backend }}"
return_content: true
check_mode: true
register: dhparam_changed_check
- name: "[{{ select_crypto_backend }}] Don't regenerate parameters with no change"
community.crypto.openssl_dhparam:
size: 768
path: '{{ remote_tmp_dir }}/dh768.pem'
select_crypto_backend: "{{ select_crypto_backend }}"
return_content: true
register: dhparam_changed
- name: "[{{ select_crypto_backend }}] Generate parameters with size option"
community.crypto.openssl_dhparam:
path: '{{ remote_tmp_dir }}/dh512.pem'
size: 512
select_crypto_backend: "{{ select_crypto_backend }}"
- name: "[{{ select_crypto_backend }}] Don't regenerate parameters with size option and no change"
community.crypto.openssl_dhparam:
path: '{{ remote_tmp_dir }}/dh512.pem'
size: 512
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_changed_512
- ansible.builtin.copy:
src: '{{ remote_tmp_dir }}/dh768.pem'
remote_src: true
dest: '{{ remote_tmp_dir }}/dh512.pem'
- name: "[{{ select_crypto_backend }}] Re-generate if size is different"
community.crypto.openssl_dhparam:
path: '{{ remote_tmp_dir }}/dh512.pem'
size: 512
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_changed_to_512
- name: "[{{ select_crypto_backend }}] Force re-generate parameters with size option"
community.crypto.openssl_dhparam:
path: '{{ remote_tmp_dir }}/dh512.pem'
size: 512
force: true
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_changed_force
- name: "[{{ select_crypto_backend }}] Create broken params"
ansible.builtin.copy:
dest: "{{ remote_tmp_dir }}/dhbroken.pem"
content: "broken"
- name: "[{{ select_crypto_backend }}] Regenerate broken params"
community.crypto.openssl_dhparam:
path: '{{ remote_tmp_dir }}/dhbroken.pem'
size: 512
force: true
select_crypto_backend: "{{ select_crypto_backend }}"
register: output_broken
- name: "[{{ select_crypto_backend }}] Generate params"
community.crypto.openssl_dhparam:
path: '{{ remote_tmp_dir }}/dh_backup.pem'
size: 512
backup: true
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_backup_1
- name: "[{{ select_crypto_backend }}] Generate params (idempotent)"
community.crypto.openssl_dhparam:
path: '{{ remote_tmp_dir }}/dh_backup.pem'
size: 512
backup: true
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_backup_2
- name: "[{{ select_crypto_backend }}] Generate params (change)"
community.crypto.openssl_dhparam:
path: '{{ remote_tmp_dir }}/dh_backup.pem'
size: 512
force: true
backup: true
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_backup_3
- name: "[{{ select_crypto_backend }}] Generate params (remove)"
community.crypto.openssl_dhparam:
path: '{{ remote_tmp_dir }}/dh_backup.pem'
state: absent
backup: true
select_crypto_backend: "{{ select_crypto_backend }}"
return_content: true
register: dhparam_backup_4
- name: "[{{ select_crypto_backend }}] Generate params (remove, idempotent)"
community.crypto.openssl_dhparam:
path: '{{ remote_tmp_dir }}/dh_backup.pem'
state: absent
backup: true
select_crypto_backend: "{{ select_crypto_backend }}"
register: dhparam_backup_5
Reference in New Issue View Git Blame Copy Permalink